The Hits Keep Coming: More Transitional Cybersecurity Requirements in New York

It has been more than a year and a half since the New York Department of Financial Services cybersecurity regulations (cyber rules) came into effect, and yet another deadline has passed.

Broadly, “covered entities,” which means you if you are an insurer, individual broker, agent or adjuster licensed by or registered with the NYDFS, were required to have implemented audit trails so security incidents can be detected and responded to quickly and material financial transactions can be reconstructed in the event that electronic data is modified or erased (for example, if ransomware encrypts all of the files on your server and you are unable to retrieve them).